
<?php require_once('Connections/local.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['DNI'])) {
  $loginUsername=$_POST['DNI'];	
  $password=$_POST['Contrasena'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess2 = "pagina.php";
  $MM_redirectLoginSuccess = "administrador.php";
  $MM_redirectLoginFailed = "fallologeo.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_local, $local);
  
  $LoginRS__query=sprintf("SELECT  DNI, Contrasena, COD_USUARIO, ROL FROM usuarios WHERE DNI=%s AND Contrasena=password (%s)",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   var_dump($LoginRS__query);
   
  $LoginRS = mysql_query($LoginRS__query, $local) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
	$row= mysql_fetch_array($LoginRS);
	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
	$_SESSION['MM_COD_USUARIO'] = $row['COD_USUARIO'];
    $_SESSION['MM_Username'] = $loginUsername;	      
	$_SESSION['MM_ROLE'] = $row['ROL'];
    if ($_SESSION['MM_ROLE'] == 'administrador'){
   	 
    header("Location: " . $MM_redirectLoginSuccess );
 	 }else{ 
 	header("Location: " . $MM_redirectLoginSuccess2 );
 	 }
  } else {
    header("Location: " . $MM_redirectLoginFailed );
  }
 }
?>

<html>

<style type="text/css">
.centrado {
	text-align: center;
}
centrado {
	text-align: center;
}
body p {
	text-align: center;
}
body p {
	text-align: center;
}
body {
	margin-left: 400px;
	margin-top: 200px;
	margin-right: 400px;
	margin-bottom: 400px;
}
</style>
<body>
<table width="600" border="1">
  <tr>
    <td width="600" height="60" bgcolor="#CCCCCC" class="centrado">INICIAR SESI&OacuteN    </td>
  </tr>
  <tr>
    <td bgcolor="#CCCCCC"><p>DNI</p>
      <form id="form1" name="DNI" method="POST" action="<?php echo $loginFormAction; ?>">
      	<p>
       <label for="DNI"></label>
        <input name="DNI" type="text" id="DNI" value="Introduce tu DNI" />
      </p>
<p>CONTRASE&NtildeA</p>
<p>
    <label for="Contrasena"></label>
    <input name="Contrasena" type="password" id="Contrasena" />
    </p>
 <p>
 <input type="submit" name="submit" value="iniciar sesion" />
      <input type="reset" name="reset" value="Borrar Valores" />
    </p>
 <p>Si no formas parte de nostros, <a href="index.php"> REGISTRATE </a> </p>
      </form>
<text align="center">
	  <h1> ERROR, INTENTALO DE NUEVO </h1>
	  
</table>


</body>
</html>
